Security Advisory

CVE-2026-4528

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-21 22:02:11

Last updated 2026-03-23 16:25:13

Assigner VulDB

State PUBLISHED

Description

A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/http_proxy.service.ts of the component URL Validation Handler. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

← Browse all CVEs View on cve.org ↗